While investigating new submissions to the VirusTotal site, our researchers discovered the LMAO ransomware. This program is based on the Chaos ransomware, and it is designed to encrypt data and demand ransoms for its decryption. On our test machine, LMAO encrypted files and appended their filenam
While examining secure-your-device[.]com, we learned that it is a deceptive website. Secure-your-device[.]com displays fake warnings and wants to show notifications. Our team came across secure-your-device[.]com while inspecting websites associated with rogue advertising networks. Once vis
While analyzing desparnd[.]com, we uncovered its utilization of a clickbait technique to entice visitors into granting permission for notifications. Our investigation of pages linked to unreliable advertising networks led us to discover desparnd[.]com. It is important to note that this website has
BuSaveLock is ransomware belonging to the MedusaLocker family. Our team discovered BuSaveLock while examining samples on the VirusTotal page. The purpose of BuSaveLock is to encrypt files and demand payment in return for their decryption. Also, this ransomware provides a ransom note ("How_to_back_
During our examination of gouddin[.]com, we found that this page uses clickbait to lure visitors into allowing it to show notifications. We discovered gouddin[.]com while inspecting pages associated with rogue advertising networks. It is worth mentioning that gouddin[.]com may redirect visitors to
Gserience[.]xyz is the address of a rogue webpage. It is designed to trick visitors into permitting its browser notification delivery. This page can also redirect them to other (likely untrustworthy/hazardous) sites. The majority of users access webpages like gserience[.]xyz through redirects cau
During our investigation of groovinews[.]com, we identified its utilization of deceitful methods, including the presentation of misleading messages and other content, to manipulate visitors into subscribing to notifications. Additionally, groovinews[.]com has the potential to redirect users to oth
Our research team found the gripehealth[.]com rogue page while examining untrustworthy websites. It is designed to push browser notification spam and redirect users to other (likely dubious/harmful) sites. Visitors to gripehealth[.]com and webpages akin to it – primarily access them through redir
While inspecting new submissions to the VirusTotal site, we discovered the TmrCrypt0r malicious program. It belongs to the Xorist ransomware family. On our testing system, this ransomware encrypted files and appended their filenames with a ".TMRCRYPT0R" extension. For example, and original filena
While reviewing new submissions to VirusTotal, our researchers discovered the AnalyzeHelper application. After examining the app, we determined that it is advertising-supported software (adware). Additionally, we learned that AnalyzeHelper belongs to the AdLoad malware family. Adware is